Novacoast is seeking a qualified pentester to join our growing security penetration testing team. We take pride in our close-knit culture, where collaboration and support are central to our success. You'll be part of a highly skilled team that values mentorship, continuous learning, and celebrating each other's successes.
This is a fast-paced position, in a highly technical environment with complex non-CHECK work. The penetration tester’s job will be to perform testing against networks, applications (web/mobile) and social engineering.
About Novacoast:
Novacoast is an international cybersecurity company specializing in IT services and software development. With a 25+ year history in the industry, Novacoast has built, maintains, and assesses IT security solutions for some of the world’s largest private and public organizations. Our team is comprised of hundreds of specialists with backgrounds in IT advisory, development engineering, and managed services.
Responsibilities:
* Conduct network, application penetration testing, social engineering, and security reviews.
* Identify and exploit vulnerabilities through hands-on proof-of-concept testing and clearly communicate the impact to clients.
* Prepare detailed reports that outline findings, risks, and actionable remediation recommendations for both technical and executive audiences.
* Collaborate with client development and security teams to address vulnerabilities and implement effective security controls.
* Continuously develop expertise by staying up to date on emerging threats, tools, and methodologies.
* Contribute to the development of internal tools, methodologies, and process improvements to enhance the efficiency and effectiveness of penetration testing engagements.
Requirements:
* 3+ years of penetration testing experience in consulting environment.
* Hands-on experience with network and web application penetration testing.
* Proficiency with tools such as Nessus, Burp Suite, and Metasploit.
* Experience with Python, or another scripting language. Other languages welcomed.
* Ability to identify, analyse, and prioritize security threats by profiling networks and applications.
* Strong analytical and problem-solving skills with the ability to think creatively to identify potential attack vectors.
* Excellent interpersonal skills with the ability to communicate findings effectively and build trust with clients.
* Experience creating detailed technical reports and executive summaries that clearly communicate findings and provide actionable recommendations for remediation.
* Ability to develop proof-of-concept exploits to demonstrate vulnerabilities.
Desirable Skills:
* Software development, code review, static analysis experience.
* Former system/network administration experience.
* Experience assessing cloud configurations, including AWS, Azure, GCP.
* DevSecOps experience, including assessing Docker, Kubernetes, IAC configurations.
* Relevant certifications such as OSCP, OSCE, CSTL, CCT etc.
Novacoast offers:
* Transparent compensation aligned with US market rates, with a commission-based model tied to your billable work.
* Hybrid work (any 3 days/week from home) with flexible working hours.
* Company sponsored holiday incentive program.
* A collaborative, close-knit team that values mentorship, growth, and shared success.
* Support towards earning certifications.
* Private health insurance.
Job Type: Full-time
Pay: £60,000.00-£120,000.00 per year
Additional pay:
* Commission pay
Benefits:
* Private medical insurance
* Work from home
Schedule:
* Monday to Friday
Work Location: Hybrid remote in Manchester M4 5AD